Fortinet introduces FortiNAC for network access control

Fortinet, a global provider of broad, integrated and automated cybersecurity solutions, has announced FortiNAC, a new network access control (NAC) product line that delivers network segmentation and automated responses for Internet of Things (IoT) security.

The rise of unsecure, standalone IoT devices, including industrial and medical IoT, requires new tools for securing networks. Fortinet’s new FortiNAC product line delivers network access control to secure IoT environments and provides enhanced visibility, control and automated responses.

FortiNAC provides detailed profiling of each device on the network and enables granular network segmentation and automated responses for changes in device status or behaviour. This ensures each device only has access to approved items on the network.

According to Gartner, “Internet of Things endpoints will grow at a 32% CAGR from 2016 through 2021, reaching an installed base of 25.1 billion units.”* The sheer volume of devices—including IoT, corporate, and those stemming from bring your own device (BYOD) policies—seeking wired and wireless network access are exponentially enlarging the attack surface and raising internal provisioning, management and compliance costs. The responsibility of connecting and securing access has shifted from being a network-led issue to a security-led issue and poses a challenge for organisations: security managers need to secure every single device every single time, while cybercriminals only need one open port, one compromised or unknown device or one uncontained threat to circumvent all of the effort going into securing the network.

Fortinet’s new network access controller, FortiNAC, diminishes the security risks associated with unsecured devices accessing the network by giving organisations total visibility of endpoints, users, trusted and untrusted devices and applications. Once visibility has been achieved, FortiNAC establishes dynamic controls that ensure that all devices, whether wired or wirelessly connected, are authenticated or authorised, and are subject to a context-driven policy that defines who, what, when and where connectivity is permitted.

This ensures that only the appropriate people and devices can connect to and access appropriate applications, infrastructure and assets. Additionally, FortiNAC can enforce company policies on device patching and firmware version. FortiNAC also contains powerful network orchestration capabilities for delivering automated responses to identified threats and can perform threat containment in seconds, where a manual process could take days or weeks.

Networks are in constant flux, with new devices connecting and disconnecting; controlling the network by controlling access to any device seeking access is a key part for ensuring the integrity of a network. Such an approach—where no unknown devices ever gain access to the corporate infrastructure, permitted devices are automatically segmented based on policies and roles and connected devices that begin to violate profiles are immediately quarantined from the network—becomes the foundation for a comprehensive security posture. 

Furthermore, the FortiNAC network access control solution is cost-effective and highly scalable, extending visibility and protection to an unlimited number of devices and eliminating the need for deployment at every location of a multi-site installation.

The new solution enables Fortinet to extend the ability of its Security Fabric to engage network devices beyond the Fabric-Ready Partner Program to a wider multivendor environment, including third-party firewalls, switches, wireless access points and endpoints. 

John Maddison, SVP of products and solutions at Fortinet said, “Digital transformation brings a proliferation of unsecure IoT devices accessing the network, and with it, the increased risk of a security breach. FortiNAC allows organisations to identify every single device on the network and enables segmentation, giving each device access only to approved items. This functionality is delivered all within a solution that works with multivendor environments and an unlimited number of devices.

"FortiNAC strengthens the Fortinet Security Fabric for IoT deployments, delivering broad, integrated and automated cybersecurity solutions across the entire attack surface. In the world of IoT, FortiNAC answers the question ‘what’s on your network’."

“The NAC market is seeing double-digit growth in revenue, which is being driven by the need for device visibility in the network and concerns over IoT security. FortiNAC is a great enhancement to the Fortinet Security Fabric because it delivers an effective solution to IoT security risks and provides a compelling combination of multivendor support for enhanced detection and enforcement, as well as efficient and effective scalability for cost-effective deployment,” said Zeus Kerravala, ZK Research.

*Gartner, Forecast: Internet of Things — Endpoints and Associated Services, Worldwide, 2017, Peter Middleton, Tracy Tsai, Masatsune Yamaji, Anurag Gupta, Denise Rueb, 21 December 2017.